Many tools aid statistical flow analysis. The most common ones are Yet Another Flowmeter (YAF), System for Internet-Level Knowledge (SiLK), iSiLK, Argus, Wireshark, and Bro. While most of them provide a similar set of features, we will primarily discuss YAF and SiLK, since both are open source and easy to obtain.

We discussed IPFIX a bit in the previous section. Let's see how we can convert a PCAP file into an IPFIX-enabled format through YAF. YAF is a tool that processes packets from pcap files, or from live captures on network interfaces, into bidirectional flows and writes them in an IPFIX-oriented file format. The output from YAF can be fed to popular tools such as SiLK and other IPFIX-compliant tools. YAF contains two primary tools: one is YAF itself, and the other is yafscii, which prints data in ASCII format based on the IPFIX-enabled input...
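To make "packets into bidirectional flows" concrete, here is an added Python sketch (not code from the book and not YAF's implementation) that merges both directions of a conversation into one flow record with forward and reverse counters. The packet tuples are constructed sample data, and `build_biflows` and its `idle_timeout` value are assumptions made for this illustration.

```python
# Constructed sample packets:
# (timestamp, src_ip, src_port, dst_ip, dst_port, ip_proto, length)
PACKETS = [
    (0.00, "10.0.0.5", 51514, "192.0.2.10", 443, 6, 74),
    (0.02, "192.0.2.10", 443, "10.0.0.5", 51514, 6, 74),
    (0.03, "10.0.0.5", 51514, "192.0.2.10", 443, 6, 583),
    (0.09, "192.0.2.10", 443, "10.0.0.5", 51514, 6, 1460),
    (1.50, "10.0.0.5", 40000, "198.51.100.53", 53, 17, 68),
    (1.52, "198.51.100.53", 53, "10.0.0.5", 40000, 17, 132),
    (400.0, "10.0.0.5", 40000, "198.51.100.53", 53, 17, 68),
]


def build_biflows(packets, idle_timeout=300.0):
    """Group time-ordered packets into bidirectional flow records.

    idle_timeout is an assumed value for this sketch: a flow with no
    traffic for longer than this is closed and a new one is started.
    """
    active = {}    # direction-independent key -> open flow record
    finished = []  # flows closed by the idle timeout
    for ts, sip, sport, dip, dport, proto, length in packets:
        a, b = (sip, sport), (dip, dport)
        # Sorting the two endpoints gives the same key for both directions.
        key = (min(a, b), max(a, b), proto)
        flow = active.get(key)
        if flow and ts - flow["end"] > idle_timeout:
            finished.append(active.pop(key))
            flow = None
        if flow is None:
            # The first packet seen defines the forward direction (initiator).
            flow = active[key] = {
                "src": a, "dst": b, "proto": proto, "start": ts, "end": ts,
                "pkts": 0, "bytes": 0, "rev_pkts": 0, "rev_bytes": 0,
            }
        prefix = "" if a == flow["src"] else "rev_"
        flow[prefix + "pkts"] += 1
        flow[prefix + "bytes"] += length
        flow["end"] = ts
    finished.extend(active.values())
    return sorted(finished, key=lambda f: f["start"])


if __name__ == "__main__":
    for record in build_biflows(PACKETS):
        print(record)
```

The seven sample packets collapse into three records; the last DNS query arrives after the idle timeout, so it opens a new flow with no reverse traffic, which is the kind of unanswered request that stands out in flow analysis.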